I've created a custom open graph action that uses the publish_actions permission.

Once the user has granted this permission, which access token do I need to use to post the open graph action? Can I just use my app token or do I need to use an active user token?

I've tested this and it looks like as long as the user has granted the app the permissions, using just the app token works. I'm worried though that this might be a quirk in the api or that it might change since its not in the api docs.

Let me know how others have implemented something similar, and if it helps this open graph action has not been submitted for approval yet.

1 Answer
1

Both will work, and in some cases the app access token is needed (this is an option you can specify on specific action types), but in general you should probably use the user access token, as you'll need this to read back the data and make any other api calls on the user's behalf